Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security FullDisclosure
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Full-disclosure] blocking tor is not the right way forward. It may

from [John Sprocket] Network Security [Permanent Link]
Subject: Re: [Full-disclosure] blocking tor is not the right way forward. It may just be the right way backward.
Date: Sat, 3 Jun 2006 16:15:49 -0400 
so you're saying sacrifice the ability for a identifying legit attacker for
the
sake of allowing privacy for the masses? okay, sure. i never really
cared about my data in the first place. ;-)

attackers have other ways, most definitely. but why use one of those other
methods (proxying through a botnet) when you have tor already available
to you?

don't get me wrong by the way. i use tor all the time. and i'm a pretty
legit tor user if i say so myself :), but i can understand why someone would
want to block it. i imagine a forensics person looks and sees a tor ip and
thinks "okay. i just deadended. there's nothing i can do because this is
a tor exit node." with a botnet, most bots can be traced back to their
meeting point which is a little bit more useful.

is there an easier way for denying tor? or instead of denying, how about
identifying a user as being tor and then redirecting them to a page that
explains why a tor user isn't allowed to visit a specific website.
if there's a better way to identify a tor user (malicious or not),
perhaps the list will benefit from it and come up with a better solution.

On 6/3/06, Joel Jose <joeljose420@gmail.com> wrote: 

its not just fair game. we had discussed it in tor irc chan. ok so you
just made a apache mod for the black list. tor always did and always do
allow anyone to block tor users if they please. but the easiness which tor
gives for the blocking must not be overused to deny tor communications even
for legitimate purposes(definition vague).

hopefully the blacklists, apache mods.. and other methods of blocking tor
are not "default" enabled. And hopefully the security cookbooks and other
HOWTO's dont come with a default recommendation to enable these tor blocking
modules.

The admin needs to be educated about tor. Ideally he must be able to
decide for himself the balance betrween anonimity and performance. He should
be empowered to take his own decision. An educated and well informed
decision. Remember " if privacy is outlawed, only outlaws will have
privacy".. and hackers have better ways to protect their privacy.. but as of
today.. legitimate users dont have that luxury.. tor is thier most practical
hope.

joel.

--
As soon as men decide that all means are permitted to fight an
evil, then their good becomes indistinguishable from the evil
that they set out to destroy.
                      - Christopher Dawson, The Judgment of Nations

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Full-disclosure] How stop DoS and SYN attack.., Tim
Next by Date:  Re: [Full-disclosure] Tool Release - Tor Blocker, Jason Areff
Previous by Thread:  RE: [Full-disclosure] Blocking Tor is not the right way forward. It may just be the right way backward., Ali-Reza Anghaie
Next by Thread:  Re: [Full-disclosure] blocking tor is not the right way forward. It may just be the right way backward., Tonnerre Lombard
Indexes:  [Date] [Thread] [Top] [All Lists]